File tree Expand file tree Collapse file tree 1 file changed +5
-2
lines changed Expand file tree Collapse file tree 1 file changed +5
-2
lines changed Original file line number Diff line number Diff line change @@ -1114,12 +1114,15 @@ repo](https://github.com/theupdateframework/specification/issues).
11141114
11151115 * ** 1.9** . ** Fast-forward attack recovery** A _ fast-forward attack_ happens
11161116 when attackers arbitrarily increase the version numbers in any of the
1117- timestamp, snapshot, targets, or delegated targets metadata. To recover from
1117+ timestamp, snapshot, targets, or delegated targets metadata. The attacker goal
1118+ is to cause clients to refuse to update the metadata later because the attacker's
1119+ listed metadata version number (possibly MAX_INT) is greater than the new valid
1120+ version. To recover from
11181121 fast-forward attacks after the repository has been compromised and recovered,
11191122 certain metadata files need to be deleted as specified in this section.
11201123 Please see [ the Mercury
11211124 paper] ( https://ssl.engineering.nyu.edu/papers/kuppusamy-mercury-usenix-2017.pdf )
1122- for more details.
1125+ for more details on fast-forward attacks .
11231126
11241127 * ** 1.9.1** . ** Targets recovery** If a threshold of targets keys have been
11251128 removed in the new trusted root metadata compared to the previous trusted
You can’t perform that action at this time.
0 commit comments